10-21-2013 1:11 PM
Hello,
A user logs off" event is not being recorded into the Security audit when the user logs off from CRM WEB UI. Where as it works fine for the Abap user login & log-offs. Has anyone come across this problem in their environment.
System : SAP CRM ABAP 7.0
SAP_BASIS : 702
Regards,
Mudasir H Syed.
10-26-2013 3:58 PM
Hello,
For SAPGUI and RFC logon, logoff activity is recorded, but for HTTP logon, it's not recorded.
Technically SAPGUI and RFC clients keep connection to application server, but HTTP clients works
in a different way and it's hard to track logoff activity.
Thanks.
Jim
10-21-2013 4:21 PM
Hi Mudasir,
Kindly review and adjust the SM20-Audit settings accordingly:
Audit Class: Dialogon
Event Class: Non-crit
Area: AU
SUBID: C
Message: Logoff
For more explanatory details: kindly refer to: http://scn.sap.com/thread/3298688 and let us know if this doesn't address your issue.
BR,
Ameet Kumar
10-22-2013 11:53 AM
Hello Ameet,
I have checked the Audit settings and all the Events are selected in our system including the 'Log off' which you have mentioned.
The Dialog user log off ( User type - A ) is being captured whereas Http user log off ( User type - H ) is not available in the logs.
Regards,
Mudasir H syed.
10-22-2013 2:17 PM
Hi Mudasir,
I am surprised to know the user type: H - http user type, which is not as such.
We have the connection type as H-https, which we maintain for RFC maintenance under SM59.
We have only A (Dialog), B (Background processing), C (Communication), S (Service) and L (Reference).
Like you have already mentioned that for A-type users, you are able to see the logon/logoff reports so there is no other configuration need to be done. Kindly check.
BR,
Ameet Kumar
10-23-2013 10:36 AM
Hello Ameet,
If the Dialog user is logged in from ITS / WEB UI then it is being recorded as type H user ( Screenshot below ). However the logoff is not getting recorded.
Mudasir H Syed.
10-23-2013 7:50 AM
Hi Mudasir,
did the user log off from the system (using the log off function of the UI), close the browser window or just leave the window open and the session was closed due to inactivity? In the latter two cases, the http session is just closed, which is not recognized as a logoff (in fact, the user will not be logged out at all).
Regards,
Patrick
10-23-2013 10:37 AM
Hello Patrick,
The user is logging off using log off function from UI still it is not being recorded in the security audit.
Regards,
Mudasir H Syed.
10-26-2013 3:58 PM
Hello,
For SAPGUI and RFC logon, logoff activity is recorded, but for HTTP logon, it's not recorded.
Technically SAPGUI and RFC clients keep connection to application server, but HTTP clients works
in a different way and it's hard to track logoff activity.
Thanks.
Jim
10-28-2013 1:55 PM
Hello Jim,
The http user logon is being captured in the audit. And when I log-off from UI then the corresponding entry is being removed ( which indicates log-off process being done at server side ) & I can see the same in http session monitoring too. But the same logoff is not being captured in SM20 audit logs.
I think its due to lack of any Audit filter for Http user log-offs.
Thanks,
Mudasir
10-28-2013 4:47 AM
Hi Mudasir,
This is a tipical issue.
The trace of http logon or logoff via SM20 is not supported technically.
SM20 only can trace the logon or logoff with DIAG protocol (SAPGUI) and RFC protocol.
The reason why we cannot rely on SM20 audit log for http logon or logoff is
because http logon is not stable, it does not have real session,
technically no way to ensure http logon cannot be traced properly.
Therefore I have to say, please do not expect that http logon/logoff can be recorded in SM20 correctly.
Thanks and hopefully this could be helpful!
Sunny
10-28-2013 10:48 AM
Hi Mudasir,
Hope that you have now got the clarifications on your query.
As, the audit log activities can be performed for the user types which are connected to the SAPGUI and RFC clients which gets connected to the application server. But in case of HTTP-user type, it can't be established at the application server.
So finally, to answer your query: user-logon/off logs for HTTP-user type can't be recorded.
BR,
Ameet Kumar